There are various nice tools around, that enable you listening to whatever ip connection you like. This is called “sniffing”. You should be carefull about what you're doing and respect other peoples private sphere.

A problem often experienced is, that packages won't appear though you're know they're on the wire.
This may be caused by an unreachable nameserver, whichs awaiting queries hold the Package back from being printed. Avoid this using:

move out.pcap to the Box you're equipped with Wireshark, and Mouse it! This is also the suggested way to post to the support mailinglist. Please remember that you might post usernames and passwords here, so try to demonstrate your behaviour with a dummy user and password.

you can filter the output of tcpdump using a neat filter language. For example you just want to see 192.168.1.1 http traffic:

tcpdump host 192.168.1.1 and port 80

Here is a list of Ports and which kind of traffic they cary.
if you want to filter for mac-addresses you can do that by using 'host ether 00:….'
explore more of this neat filter language on man tcpdump

ngrep is a unix commandline tool, that might show you running traffic better than wireshark or tcpdump, because of it focuses of printing the payload of the traffic. It allso uses the tcpdump backend library, and thus takes the same expressions as tcpdump:

ngrep port 80 and not host 172.16.29.226 -W byline

the -W byline stops it from stripping linebreaks from the traffic. this will make it show you requests and stuff in a better readable manner.
The output of ngrep is somewhat comparable to a tail -f.

Wireshark was formerly known as ethereal. It “understands” most of the protocols around in the internet today, and will display you structures in a tree view, or enable you just to view the tcp payload of a text oriented protocol as HTTP or SMTP. It runs under allmost any os with a GUI arround these days. If you want to analyze traffic spoken by a remote box see the above tcpdump howto capture streams for later analysis.